Accessing the Internet through network address translation (NAT) is already a major network access manner for companies, universities, and government institutions. Deploying a NAT host at the exit of a local area network saves Internet Protocol (IP) address resources and, at the same time, helps ensure security inside the local area network and control the access permissions of internal staff. However, the NAT host is also an obstacle to common network communications: a communication must be able to traverse the NAT host in order to implement end-to-end data transmission.
Currently, many solutions are already used to resolve the problem of traversing the NAT host. Widely applied ones include Session Traversal Utilities for NAT (STUN), Traversal Using Relays around NAT (TURN), Interactive Connectivity Establishment (ICE), and the like. These methods all address the address mapping and the filtering rules that the NAT host applies to external data packets. However, when the NAT host limits the outbound communication port or the outbound communication protocol, none of the foregoing methods works.
Because the NAT host generally allows Hypertext Transfer Protocol (HTTP) communications, the prior art proposes an HTTP Tunnel technology.
In the HTTP Tunnel technology, a user communication data packet is encapsulated in an HTTP format so that it simulates HTTP communication behavior, and the data packet is sent to an extranet relay device; the relay device recovers the data packet and forwards it to the destination address.
Network environment detection in the HTTP Tunnel technology is briefly described as follows:
A client sends a detection request packet to a relay device of a public network by using the User Datagram Protocol (UDP). If the client receives a response successfully, it indicates that the NAT host allows UDP communication over the port, and a next step is performed. Then, the detection is terminated. If the client does not receive the response successfully, the next step cannot be performed.
The client sends a detection request packet to the relay device of the public network by using the Transmission Control Protocol (TCP). If the client receives a response successfully, it indicates that the NAT host allows TCP communication over the port, and a next step is performed. Then, the detection is terminated. If the client does not receive the response successfully, the next step cannot be performed.
If both the UDP detection and the TCP detection fail, and only port 80 or HTTP packet communication is allowed, an HTTP Tunnel module is started, and an HTTP channel is established between the client and the relay device to implement unimpeded data communication. Finally, if this detection also fails, the whole process of traversing the NAT host fails.
The inventor of the present invention finds that the HTTP Tunnel technology uses a single-step detection manner: next-step detection can be started only when the result of previous-step detection is obtained. As a result, if the start of the HTTP module consumes an excessively long time, the NAT host is traversed at a very low speed.
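The cost of this single-step detection can be made concrete with a small model. The following is an added example, not code from the original document: it assumes the order UDP, then TCP, then HTTP tunnel described above, and the names `Step`, `serial_detect` and `make_steps` as well as all timings are constructed for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass
class Step:
    name: str             # transport tried at this detection step
    allowed: bool         # constructed: does the NAT host pass this traffic?
    rtt: float            # seconds until the relay's response when allowed
    timeout: float        # seconds the client waits before declaring failure
    startup: float = 0.0  # seconds needed to start the module before probing

Trace = List[Tuple[str, float, float, bool]]

def serial_detect(steps: List[Step]) -> Tuple[Optional[str], float, Trace]:
    """Single-step detection: a step starts only after the previous step
    has produced a result. Returns (transport or None, elapsed, trace)."""
    clock = 0.0
    trace: Trace = []
    for s in steps:
        begin = clock
        # A blocked probe costs the full timeout; an allowed one costs one RTT.
        clock += s.startup + (s.rtt if s.allowed else s.timeout)
        trace.append((s.name, begin, clock, s.allowed))
        if s.allowed:
            return s.name, clock, trace
    return None, clock, trace  # every step failed: traversal fails

def make_steps(udp: bool, tcp: bool, http: bool) -> List[Step]:
    # Constructed timings, chosen only to illustrate the accumulation.
    return [
        Step("UDP", udp, rtt=0.05, timeout=3.0),
        Step("TCP", tcp, rtt=0.10, timeout=3.0),
        Step("HTTP tunnel", http, rtt=0.20, timeout=5.0, startup=2.0),
    ]

if __name__ == "__main__":
    cases = [("open NAT", (True, True, True)),
             ("UDP blocked", (False, True, True)),
             ("HTTP only", (False, False, True)),
             ("all blocked", (False, False, False))]
    for label, flags in cases:
        transport, elapsed, trace = serial_detect(make_steps(*flags))
        print(f"{label:12s} -> {transport or 'traversal failed'} after {elapsed:.2f}s")
        for name, begin, end, ok in trace:
            result = "response" if ok else "no response"
            print(f"    {name:12s} {begin:5.2f}s .. {end:5.2f}s  {result}")
```

In the "HTTP only" case the client pays both probe timeouts and the module startup before the tunnel carries any data, which is the delay the paragraph above attributes to single-step detection.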